Visible Ops is a handbook designed to jumpstart implementation of controls and process improvement in IT organizations needing to increase service levels, decrease costs, and increase security and auditability. Visible Ops describes four prescriptive and self-fueling steps to take an organization from any starting point to a continually improving, controlled process.
What benefit does Visible Ops provide?
We developed the Visible Ops methodology because we could not find any satisfactory answer to the question: "I believe in the need for IT process improvement, but where do I start?" Although ITIL provides a wealth of best practices, it lacks prescriptive guidance: What do you implement first, and how do you do it? Moreover, the ITIL books remain relatively expensive to distribute. Other information, publicly available from a variety of sources, is too general and vague to effectively aid organizations that need to start or enhance process improvement efforts. The Visible Ops booklet provides useful guidance and a prescriptive roadmap for organizations beginning or continuing their IT process improvement journey.
Synopsis of Visible Ops
Visible Ops is the result of more than three years of studying high-performing IT operations and security organizations by the ITPI. Visible Ops illustrates how interested organizations might replicate the processes of these high-performing organizations in just four steps. Each of these steps has the following characteristics:
. Definitive Projects - each step is a project, with a clearly defined objective and exit criteria.
. Ordered - each step is specifically designed to build upon the previous step.
. Catalytic - each step returns more resources to the organization than it consumed, thus fueling the next step.
. Sustaining - each step creates enough value to the organization that the processes developed remain in place, even if the initial driving forces behind its implementation disappear.
. Auditable - each step provides auditable evidence that preventive and detective controls are working and are effective.
The Four Visible Ops steps
Each of the four ordered Visible Ops steps are described below.
1. Stabilize Patient, Modify First Response
Almost 80% of outages are self-inflicted. The first step is to control risky changes and reduce MTTR by addressing how changes are managed and how problems are resolved.
2. Catch and Release, Find Fragile Artifacts
Often, infrastructure exists that cannot be repeatedly replicated. In this step, we inventory assets, configurations and services, to identify those with the lowest change success rates, highest MTTR and highest business downtime costs.
3. Establish Repeatable Build Library
The highest return on investment is implementing effective release management processes. This step creates repeatable builds for the most critical assets and services, to make it "cheaper to rebuild than to repair."
4. Enable Continuous Improvement
The previous steps have progressively built a closed-loop between the Release, Control and Resolution processes. This step implements metrics to allow continuous improvement of all of these process areas, to best ensure that business objectives are met.
Visible Ops is an intuitive methodology that both IT and business stakeholders can readily understand. Because IT is so pervasive, its effective management is critical to all stakeholders. We believe the audience for Visible Ops extends beyond IT to include IT operations,customers, external audit, IT security, users,management, andinternal audit.
"A frequent complaint of ITIL consultants is that not many ITIL implementation tools are publicly available.
For the experienced IT Service Management practitioner, it sometimes seems we have to re-invent the wheel each time.
Visible Ops fills a big part of that void.
It provides a practical insight in how to kick-start an IT Service Management improvement effort.
Its common sense approach and very readable style give this book a mandatory place in the library of any IT manager.
Visible Ops is indeed comparable to the manual for an Emergency Room of a hospital.
I particularly liked the fact it does not pretend to be an operational 'bible' for the phases beyond the ER.
"Visible Ops describes four steps to control an IT environment.
The unassailable logic behind these steps is based on the practical experience of the authors, Gene Kim and Kevin Behr.
These same steps can easily be mapped to any maturity model and Visible Ops hence describes a roadmap to maturity.
"The first two phases of Visible Ops help organizations control the infrastructure.
The third Visible Ops phase helps organizations control the services, in the spirit of Service-Oriented Architectures and IT Service Management.
The last phase of Visible Ops helps organizations control the strategic value, which provides an opportunity for IT to align itself with the business and to gradually maximize its 'bang for the buck'.
The easy mapping between the Visible Ops phases and any maturity model validates the compelling logic of the book."
"Gene and Kevin have hit the preverbal 'IT nail' right on the head.
When I educate customers on the benefits of documented and repeatable procedures such as ITIL and COBIT, they are always concerned about the complexity and where to start.
Visible Ops creates a logical starting point and details the key 'issues and indicators'.
This handbook is a 'must read' for IT Managers and Directors who are implementing a mandate from their CIO or Board of Directors to become compliant for auditors and federal regulations."
Henry E. Wojcik
Director, Enterprise Service Management
Network Data Systems, Inc
" The Visible Ops Handbook is the Rosetta Stone that the IT industry and its leadership have been seeking to allow them to communicate the value of ITIL to the business.
Visible Ops is simple and clear, provides a roadmap of how to make an IT department not only perform better, but also to deliver more value back to the business.
Without doubt, each of the four steps they outlined have value and are well supported."
Daniel S. Waite
'Visible Ops is a methodology that comprehensively responds to major issues I have raised over and over again in my long career in financial and technology auditing. To attest to the reliability of systems, I need to see: controls in place, controls documented, controls communicated, and evidence of the controls in action. Visible Ops supports processes to answer the auditors' eternal question: "How do we know...?"
Name: Ruby Christina Bauske
Title: Lead Technology Auditor
Affiliations: CPA, CIA, CISA, CISSP
Company: Christina Bauske CPA, P.C., Portland, Oregon USA
The Visible Ops handbook provides a great roadmap for IT executives to see their way through the thicket of chaotic operations, and in to the clearing of repeatable processes. It follows in the footsteps of software development processes like the Capability Maturity Model (CMM), and offers the potential to provide a real ROI by reducing the effort in wasted firefighting.
Name: Jeremy Epstein
Title: Senior Director, Product Security
Company: webMethods, Inc.
'Finally, a "Best Practice" that is based upon research and industry knowledge. Too often, best practice papers are written with little or no influence or research from those actually performing the work in the real world. This approach is a step by step, methodical approach for any organization looking to get a grip on Change Management and improve operations. The books format and introduction of methodologies will set the pace for all future publications!'
Name: Charles Hornat
Title: Global Information Security Manager
'This is a very valuable resource for anyone just getting started. If this resource had been available when I was putting together the Change Management plan for our department, It would have saved me many hours of research. I highly recommend it as both a reference and developmental tool. It will help you identify the processes and order in which you should develop and implement the various ITIL BS 1500 process areas. More importantly the tips for audit preparation will help you identify the specific areas of improvement and help you identify and target areas requiring an organizational culture change. Well written, easy to follow, with good examples; It has everything you need from beginning development through the measuring the results.'
Name: Jackie Shaffer
Title: Systems Project Administrator
Company: Florida Department of Education
'Change management done wrong is painful and cumbersome and results in a lot of "fire fighting." Change management that is effective, though, enables IT operations and information security to work more efficiently and better support business groups. It also makes audits easier to pass and perform. This book clearly explains, in a practical and manageable approach, what it takes for organizations to implement change management that really works. If organizations will agree to follow the approach in this book and then stick to it, they will soon begin to see how structured, discliplined change management will actually make their lives easier, will not stifle responsiveness or flexibility, and will help to extinguish many of the fires.'
Name: Craig Morgan
Title: Principal Security Consultant
Company: Enspherics, a division of CIBER
'Visible Ops provides the IT practitioner at any level with a catalytic approach to improving operational controls. The Visible Ops toolset helps organizations find a toehold in spite of sheer cliffs of chaos. If you are looking to start or improve configuration management, champion a repeatable server provisioning process, and institute meaningful metrics that breed quality decisions, Visible Ops is the place to start.'
Name: Bill Shinn
Title: Information Security Analyst
'Visible Ops provides a clear cut methodology and practice to finally contain the rampant change I have been fighting with or ignoring due to lack of time and resources. The layout provides a scaleable template that fits around any size shop to get back in control, and then actually stay there for longer than one patch or product release.'
Name: Troy Thompson
Title: Director Technology Operations
Company: Thompson Group International (www.thompsongroup.us / firstname.lastname@example.org )
'This is something I would want to have in my toolkit, a pocket knife, a can of sterno, a compass and this guide.'
Name: Ron Zika
Title: Senior Consultant for Waypoint